Lucene search

[email protected]CVE-2018-1000617

HistoryJul 09, 2018 - 8:29 p.m.

CVE-2018-1000617

2018-07-0920:29:00

CWE-20

[email protected]

web.nvd.nist.gov

atlassian

floodlight

controller

cve-2018-1000617

dos

vulnerability

improper type cast

forwarding module

remote attack

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

50.4%

JSON

Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and earlier versions contains a Denial of Service vulnerability in Forwarding module that can result in Improper type cast in Forwarding module allows remote attackers to cause a DoS(thread crash)… This attack appear to be exploitable via network connectivity (Remote attack).

Affected configurations

NVD

Node

atlassianfloodlight_controllerRange≤1.2

CPENameOperatorVersion
atlassian:floodlight_controlleratlassian floodlight controllerle1.2

CPE	Name	Operator	Version
atlassian:floodlight_controller	atlassian floodlight controller	le	1.2

References

gms.cl0udz.com/Floodlight_DoS.pdf

www.securityfocus.com/bid/104711

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

50.4%

JSON

Related for CVE-2018-1000617

prion1 cvelist1 nvd1